CVE-2022-31264: 
Rust vulnerability analysis and mitigation

Solana solana_rbpf before version 0.2.29 contains an integer overflow vulnerability identified as CVE-2022-31264. The vulnerability was discovered on May 21, 2022, and affects the elf module (src/elf.rs) in the software. The issue occurs when processing invalid ELF program headers, which can lead to an addition integer overflow and subsequent program panic via a malformed eBPF program (AttackerKB, GitHub POC).

The vulnerability exists in the elf module's vmrange function where the combination of VirtAddr and MemSiz values can trigger an integer overflow. Specifically, when processing ELF headers with large values (such as 0xff00000100000000 + 0xff00000000000018), the direct addition operator with overflow checks causes the program to panic. This occurs in the debug build of the goblin library at line 132 (GitHub POC). The vulnerability was fixed in version 0.2.29 of solanarbpf (Solana Release).

When exploited, this vulnerability allows an attacker to perform a Denial of Service (DoS) attack by loading a malformed ELF file with carefully crafted data. The program will panic during the processing of these malformed headers, potentially disrupting the service (GitHub POC).

The vulnerability has been patched in solana_rbpf version 0.2.29, released on May 18, 2022. Users should upgrade to this version or later to mitigate the vulnerability (Solana Release).